emacs-orgmode
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: org-crypt fails if default key is expired while non-default key is t

From: Ihor Radchenko
Subject: Re: org-crypt fails if default key is expired while non-default key is to be used
Date: Mon, 23 Jan 2023 10:16:02 +0000 
Karl Voit <devnull@Karl-Voit.at> writes:

> When I invoked org-decrypt-entry, decrypting works like always. Then
> I modified something in this heading which is tagged with :crypt:.
> On saving that buffer, org-crypt issues an error message:
>
> | Error: (error "GPG error: \"Encrypt failed\", \"Unusable public key:
> | A1234567; Exit\"")
>
> This A1234567 key is my default key and not the org-openpgp-key.
>
> org-encrypt-entry is causing this error at:
>
> |     ;; Text and key have to be identical, otherwise we
> |     ;; re-crypt.
> |     (if (and (equal crypt-key key)
> |              (string= checksum (sha1 contents)))
> |         (get-text-property 0 'org-crypt-text contents)
> |       (epg-encrypt-string epg-context contents crypt-key)))
>
> After fixing the expiry date of A1234567, org-crypt was working
> properly, using the correct org-openpgp-key again.
>
> I do think this is wrong behavior: when the default key is expired
> but a specific secondary key is used, encryption should be possible.

All we do here is calling `epg-encrypt-string' with crypt key obtained
using `org-crypt-key-for-heading', which see.

May I know how exactly did you set `org-crypt-key'? Do you happen to
have CRYPTKEY properties somewhere in your buffer?

-- 
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]